Cybersecurity researchers at Rapid7 have identified a social engineering campaign targeting enterprises with spam emails to gain initial access for further exploitation, The Hacker News reports.
Hackers are employing Domain Name System tunneling to monitor phishing email interactions, scan networks for vulnerabilities, and bypass security measures, BleepingComputer reports.
Attacks leveraging the critical Microsoft Outlook privilege escalation vulnerability, tracked as CVE-2023-23397, have been launched by Russian state-sponsored threat operation APT28 — also known as Forest Blizzard, BlueDelta, Fancy Bear, and TA422 — against the Czech Republic and Germany as part of a long-term cyberespionage campaign, according to The Hacker News.
Suspected Chinese state-backed threat operation Muddling Meerkat has ramped up global DNS manipulation since last September, nearly four years after it commenced such activities, BleepingComputer reports.
BleepingComputer reports that fraudulent United States Postal Service websites used in phishing campaigns recorded traffic similar to that of the legitimate domain on regular days, while surpassing the traffic of the postal service's real domain during the holiday season.